By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations
Rita Gutierrez-Garcia missing since March 17, 2018 from Longmont, Colorado.
It was St. Patrick’s Day, March 17, 2018, a mother of three boys vanished into thin air in Longmont, Colorado. Rita Gutierrez-Garcia went out to celebrate with friends and family in the evening.
The group went bar hopping to the Speakeasy located at 301 West Main Street and the Breaker’s Grill located at 380 Main Street. Rita was last seen in an alley behind 3’s bar talking on her phone at approximately 2:30 a.m.
Deputy Chief Jeff Satur of Longmont Police Department said Rita was overheard telling someone on the phone she would get a ride from “someone else.” Authorities also say there were as many as seven or eight potential witnesses behind the bar that evening.
“Our old standby of tracking the phone is not working for us,” said Satur. “But we are working our very hardest to find Rita.”
Rita is a mother of three young boys, ages 9, 13, and 18, and described by family as a bubbly and busy mom, who is just one college semester away from becoming a paralegal. Something she has worked very hard for.
Satur told Fox 31, “As you can imagine, everybody is concerned,” he said. “This is unusual behavior.”
Police have asked for anyone who may have seen Rita that evening, to call them immediately.
Connection to Beating Victim Dismissed
Longmont Police Department was investigating the possible connection between a young man found with head trauma and the disappearance of Rita. Tyler Bullock was found at the same location eight days after Rita disappeared, at approximately 2:30 a.m.
Tyler Bullock was found unconscious five days after Rita Gutierrez-Garcia’s disappearance in the same area.
According to Tyler’s sister Kristal Beecher, Tyler was in the intensive care unit for head trauma due to bleeding on his brain. Tyler was found behind the bar unresponsive due to serious head injuries. He is now recovering.
“There is zero connection. I just need to stress there are no suspects in my case. It’s really just a matter of the specific block in Longmont needing better security systems, more cops on busy nights, and cameras, maybe undercovers,” said Tyler, still recovering from the traumatic experience.
The Search
On March 24, 2018, Longmont Police divers searched a pond at Golden Ponds Parks southwest of Hover Street and Third Avenue but did not find anything. Golden Ponds is a network of ponds and walking paths. Police, Longmont Emergency Unit, and Longmont Fire Department searched from approximately 9 a.m. to 4 p.m. Canines were also used in the search.
Police diverssearching area of Golden Ponds inLongmont, Colorado. Courtesy of Daily Camera.
Deputy Chief Satur declined to answer what they were searching for. “We were looking for evidence,” Satur said. “That’s all I can say.”
Police are treating the disappearance as a missing person case and “suspicious disappearance.”
“We will continue to work all leads and go from there,” Satur said. “We are going to continue working until we figure out what happened.”
Police have been working long hours in the search for Rita, and rotating staff to ensure fresh eyes are involved in the investigation.
Mom and Sister Plead for Help at Press Conference
Prior to Rita’s disappearance, she was very active on Snapchat but has not posted since her disappearance. This worries her family.
Diane Romero and Jessica Romero please for the public’s help in the search for Rita Gutierrez-Garcia.
“I love you,” said Rita’s mother Diane Romero at a press conference organized by Longmont Police Department on March 22, 2018. Holding a picture of her daughter, “I need you here,” she said.
Rita’s sister Jessica Romero tearfully told reporters, “She’s my older sister and I’ve never had to go a day without her in my entire life,” said Romero.
Family and Friends Hold Vigil
Family and friends of Rita held a prayer vigil on March 25th at Longmont’s Thompson Park. There, they offered comfort to each other and covered a tree with ribbons of different colors and cards with prayers for her safe return.
“I know they are doing all they can do to help us,” Romero said about police investigators. “They are doing a lot to bring Rita home.”
Rita’s sister Jessica said, “I’m trying not to break down.” Rita’s three sons are staying with her and she is trying to be strong for them. “It’s been nerve-wracking just trying to remember to breathe.”
Pastor Choutka, the pastor at the Rocky Mountain Christian Church’s Niwot campus, asked people attending the vigil to gather around the family, asking God to give Rita’s mother strength and help the investigators.
“By the powerful name of Jesus, we do ask for a miracle, that she be found safe and sound,” Choutka said to those who gathered at the park to pray.
Rumors and speculation of what happened to Rita have circulated and the family is trying to protect the young boys and cousins. “We are trying to keep them strong,” Diane Romero said.
Rita was last seen wearing a black long-sleeved shirt with black leggings. She has tattoos on both arms, as well as on her shoulder and on her feet.
Sleeve tattoo with eye and wave design on Rita Gutierrez-Garcia’s arm.
Anyone with information about the disappearance of Rita Gutierrez-Garcia should contact the Longmont Police Department 303-651-8501.
Millions of people are visiting our beautiful national parks each year. They travel from one side of the continent to the other to see the breathtaking tall Sequoia trees on the west coast to the pristine beaches of South Carolina on the east coast.
Attendance numbers at national parks have set record highs in the last few years. According to Los Angeles Times, Death Valley, Joshua Tree, Sequoia and Yosemite national parks reported setting attendance records during 2016, with all parks reporting a 330.97 million people visiting our recreational parks – and hundreds, maybe thousands, of those people are now missing.
Shoshone National Forest: Amy Wroe Bechtel
It was 21-years ago, on the afternoon of July 24, 1997, Amy Wroe Bechtel, 24, began her run outside of Lander, Wyoming, training for the 2000 Olympic Marathon she had hoped to qualify for. She never returned.
Wyoming is called “America’s biggest small town” and Lander is an outdoor enthusiast hub, where climbers gravitate to the unique geological formations in Sinks Canyon within the Shoshone National Forest.
Shoshone National Forest in Wyoming is a climber’s paradise.
Sinks Canyon is part of a magnificent ecosystem stretching from sagebrush and juniper covered foothills, through conifer forests, aspen meadows to the alpine habitat in mid-central Wyoming.
Amy vanished while running along Loop Road, a route that includes Sinks Canyon Road and runs the Popo Agie River approximately 15 miles south of Lander. Her car was found by her neighbors, Todd Skinner and Amy Whisler, parked at Burnt Gulch where Amy was marking her 10K hill climb she was planning for the fall. When Amy had not returned by evening, her neighbors got into their car and headed for the gravel road of switchbacks ascending to Loop Road. At approximately 1:00 a.m., they find Amy’s white Toyota Tercel wagon parked on the side of the road where Loop Road splits to the pine-shrouded Burnt Gulch turnoff.
The weather during July is mild with days averaging 85 degrees and evenings about 54 degrees. There had been rain in the afternoon. Puddles of water surrounded the vehicle. Todd and Amy look for footprints or tire tracks but see nothing. Only Amy’s sunglasses, her keys in the driver’s seat and a to-do list were found in the car. Her green “Eagle” wallet was missing. Panicked, Todd calls Amy’s husband Steve Bechtel.
The search for Amy began early the following morning with her husband Steve and about a dozen of his friends. By day’s end, dogs, dirt bikes, ATVs, and over 100 volunteers had joined the search. The following day, horses and helicopters began searching the rugged terrain. By the third day, police expanded the search to a 30-mile radius.
As with most missing person cases, or missing wives, police turn toward the husband. In this case, Steve Bechtel. A move that, 20 years later, appears totally unwarranted and limited the search with tunnel vision, the enemy of any investigation.
Amy and Steve both graduated from the University of Wyoming with degrees in exercise physiology. They had been married a little over a year.
Steve was a climber. He and Amy both worked at Wild Iris, the local climbing shop. Amy taught a youth weightlifting class at Wind River Fitness Center and worked part-time at the Sweetwater Grill.
By all appearances, Amy and Steve were the bubbly, happy newlyweds and had just bought their first home in Lander, with a population of 7,000.
Police searched Steve’s journals and acquaintances gave conflicting statements about their relationship. Some described them as idyllic, while others stated Steve was often jealous and belittling.
The FBI would make accusations Steve killed his wife. A claim current detectives disagree.
Steve had an alibi backed up by a fellow climber. At the time, he had been about 75 miles from his home in Lander. He met with his friend Sam Lightner and Bechtel’s yellow lab Jonz and rode north to Cartridge Creek area of Shoshone National Forest to scout for a climbing location.
According to a Runner’s World article, “Long Gone Girl,” Fremont County Sheriff’s cold case detective Sergeant John Zerga disagrees with the way the case was handled in 1997. “Nowadays everything is viewed as a homicide. Back then it wasn’t viewed that way. She was just a missing runner. For three days,” Zerga said. “We didn’t close off any routes out of here,” Zerga continues. “We didn’t close off any vehicles. All we had was a bunch of people up here looking for a missing runner. We actually ruined the investigation with the vehicle because we allowed the Skinners to drive it home. [The investigation] was not good for at least the first three days. There was a lot of stuff lost.”
While all eyes had been on Steve, it wouldn’t be until over a decade later when the brother of Dale Wayne Eaton, 57, would talk to police. He had tried to contact law enforcement earlier but no response.
“I think our detectives who were working the case were so adamant it was Steve, they weren’t looking in other directions.” said Sergeant Zerga. Fifteen years after Amy vanished, Zerga spoke to Eaton’s brother who told him Eaton would often camp in the area Amy had vanished. “Few camped in the area, and few outside of Lander even knew about the area” Zerga added. “If we could prove Dale was in the area, that puts him as the number one lead.”
Eaton had tried to abduct a family pulled over with car trouble. After his arrest for the attempted kidnapping, he escaped and was later found by authorities in the Shoshone National Forest. He was incarcerated and required to submit a DNA sample.
In 1988 Lisa Marie Kimmel vanished on a trip from Colorado to Billings, Montana. Fourteen years later DNA would be linked to Eaton. An autopsy would determine Kimmel had been beaten, bound and raped for at least six days, then taken to the Old Government Bridge where she was hit on the head with a blunt object, stabbed six times in the chest and abdomen, then thrown into the river.
Police searched Eaton’s property about one hour away from where Kimmel was last seen alive. They excavated a spot on the property and unearthed Kimmel’s Honda CRX bearing her license plate “LIL MISS.”
Eaton was sentenced to death on March 20, 2004, for Kimmel’s kidnapping, rape, and murder. As for Amy, Eaton had remained tight-lipped but as with everything, justice has a way of coming around.
Anyone with information should call the Fremont County Sheriff’s Office at 307-332-5611.
Coconino National Forest: David Barclay Miller
The Red Rock-Secret Mountain Wilderness is a collection of buttes, cliff, and canyons known as one of the most magnificent places on the planet. The red rock cliffs of the Mogollon Rim mark the edge of the Colorado Plateau in the Coconino National Forest. Sycamore Canyon Wilderness borders on the east, the high mesas of Secret Mountain and Wilson Mountain jut out into lower canyons as deep as 1,500 feet draining out into Oak Creek and the Verde River.
Sedona Red Rocks is one of the most popular traveler’s destinations in the world.
Red is the predominant hue in the 43,950 acres. It is a 360-degree view of wind and water sculpted pinnacles, arches, windows and slot canyons. It is a place where sound bounces back and forth, almost in a musical chorus.
Trails crisscross the area taking one from the deepest gorges to protuberant panoramas overlooking the beauty. There is rock art on the walls from the area’s early inhabitants, along with abandoned dwellings high in the canyon walls.
The area draws hikers, photographers, backpackers, and horseback riders from around the world to wander among the manzanitas and red rocks.
An experienced hiker, David Miller, 22, was last seen at the Beaver Creek Ranger Station preparing to leave on a two-day hike on May 19, 1998, in the Red Rock/Secret Mountain Wilderness area.
At the time of his disappearance, David was employed by the Sedona Forest Service. The weather would have been mild with days reaching 83 degrees and nights about 51 degrees.
David was last seen wearing a T-shirt, black hiking boots, and carrying a forest green Gregory backpack.
It is thought David may have fallen on slippery terrain or became lost. Anyone with information should call Yavapai County Sheriff’s Office at 520-771-3260.
Salmon-Challis National Forest: DeOrr Kunz
It has been nearly two years since 2-year old DeOrr Kunz vanished on July 10, 2015, while on a camping trip at the Timber Creek Campground in the beautiful mountains of Idaho.
DeOrr’s father, Vernal DeOrr Kunz, mother Jessica Mitchell and grandfather Robert Walton, along with Isaac Reinwand, Walton’s friend and fishing buddy, had set up camp in the remote wilderness of the Salmon-Challis National forest.
The Salmon-Challis National Forest contains over 4.3 million acres in east-central Idaho. The Frank Church River of No Return Wilderness area takes up 1.3 million acres, the largest contiguous wilderness area in the Continental United States.
Salmon-Challis National Park is not only breathtaking, it is a rugged and remote area in the state of Idaho.
The area is remote, rugged and draws those seeking adventure, solitude and breathtaking scenery. The scenic Salmon River area is popular for fishing, hunting, and white-water rafting.
The winter weather in Salmon-Challis can be brutal, but in July averages 85 degrees during the day and 52 overnight.
The day of DeOrr’s disappearance, Kunz and Mitchell said they took their son to the general store for snacks and supplies. Upon their return, they walked down an embankment to scout a place to fish. Within minutes, they found minnows and quickly turned back to get DeOrr so he could see them and found he was not in his chair and was not with his grandfather. There has been about a 7 to 10-minute gap where DeOrr was not supervised. Panicked, they searched the surrounding campsite and could not find the little boy. They called the police.
DeOrr Kunz
Within three hours, authorities from the Lemhi County Sheriff’s Office quickly responded and began swarming a two-mile radius with search and rescue crews using ATVs to search the landscape and divers scouring the nearby reservoir.
For two-days, approximately two hundred volunteers responded, searching the wilderness for a tiny toddler to no avail.
“At this point, I have kind of accepted I might not see him, I might not bring him home like I want to,” Mitchell said. “Any answers are better than what we have now.”
Two years later, there is little else to go on. In a KTVB interview, Mitchell says she believes her son is still alive but admits she is losing hope.
Impossible to move on without answers, Mitchell and her husband are named suspects in the disappearance of their son by former Lemhi County sheriff, Lynn Bowerman. A common response for law enforcement is to look closely at all family members. They both maintain their innocence. No arrests or charges have ever been filed.
There is no evidence DeOrr was attacked by an animal. Investigators remain baffled.
Mitchell and her family believe someone abducted DeOrr. She has returned to the campground several times to search but to her frustration has not found anything. “Every time I leave there, and there is still nothing, it just goes back to I think someone has him,” Mitchell said.
Trina Clegg, Mitchell’s mother has spearheaded the search for little DeOrr handing out business cards and flyers with age-progression photos of what DeOrr would look like today.
“In my opinion, he could be anywhere,” Clegg said. “We just want you to care about baby DeOrr. We want you at night to say your prayers for baby DeOrr. We want you to wake up in the morning and hope he’s there,” she added.
Anyone with information about DeOrr’s disappearance should contact Lemhi County Sheriff’s Office at 208-756-8980.
Rio Grande National Forest: Joe Keller
Joseph Keller, 19, was an adventurous young man from Cleveland, Tennessee. He was spending his summer with friends Collin Gwaltney and Christian Fetzner exploring the west between his freshman and sophomore years at Cleveland State Community College. They had visited San Francisco, Las Vegas, and the Grand Canyon on their way to Joe’s aunt and uncles dude ranch, The Rainbow Trout Ranch, in the San Juan Mountains of Colorado.
Rated as one of the top fly-fishing ranches in the country, it is based in southwestern Colorado, with private angling along the Conejos River, a tributary to the Rio Grande flowing right through the property.
Rainbow Trout Ranch is nestled in the San Juan Mountains with the Rio Grande running through the property.
The young men were in for a treat visiting a place that combines the splendor of the Rocky Mountains with the enchantment of New Mexico.
About four hours south of Denver, the Rio Grande National Forest surrounds the ranch with 1.83 million acres and is considered a jewel of Colorado. The Continental Divide runs 236 miles along most of the forest and the tops of the Sangre de Christo Mountains form the eastern border. In between, sits the spectacular San Luis Valley which is a large agricultural alpine valley. This majestic sprawling land is the last place you want to get lost.
Joe was a competitive runner and obstacle course racer. His friend Collin, a varsity cross-country runner. They had been spending time running together during their travels.
Neither was used to the high elevations, the ranch sitting at approximately 9,000 feet.
It was July 23, 2015, they had planned an hourlong run along Forest Road 250 that crosses the ranch into the national forest, following the Conejos River upstream.
Joe left shirtless, wearing only red running shorts, blue trail shoes, and his Ironman watch. At 4:30 p.m., the friends started out together, but Joe soon fell behind as he was the slower runner.
Collin’s GPS watch shows him turning off Forest Road 250 onto the ranch drive that snakes up behind the lodge. The run became a scramble, so Collin headed back toward the road and upstream. A fly-fisherman spotted Collin about 2.5 miles up the road but never saw Joe. Collin finished his run and began puking due to the high altitude.
Joe never returned.
When Joe didn’t show up for dinner, Collin and Christian drove up the road honking, while ranch hands and guests hiked up the rocks toward a mountain formation called “Faith” towering above the valley. By 9:30 p.m., there were 35 people out searching for Joe.
Sheriff Howard Galvez of the Conejos County Sheriff Department, along with two deputies, arrived about midnight and began assisting the other searchers.
Joe’s parents were notified, leaving their home in Tennessee, along with their 17-year old daughter to travel to the ranch; they were there in less than 24 hours. It was now Joe’s birthday.
Search efforts were upgraded with about 200 people on foot, horseback and ATVs and about 15 canines. The family posted a $10,000 reward for information. Dressed only in shorts, Joe was not prepared for the evenings in the San Juan Mountains, where it is about 62 degrees during the day, down to only 30 degrees at night.
Helicopters and even an infrared-equipped plane was used to search for Joe.
The response to Joe’s disappearance was swift, the resources used in the search for Joe are unmatched by most searches for missing persons, but after a week most volunteers had gone home and after 13 days, the official search stopped. The family left with questions and desperation.
Following is a roller-coaster of emotions, anger, and theories.
May 2016, the search resumed with approximately 30 volunteers, drones and 11 dogs from Colorado Forensic Canines. The search was organized by the Jon Francis Foundation, a Minnesota nonprofit specializing in wilderness search and support. Still no sign of Joe.
An Outside Online article, “How 1,600 People Went Missing from Our Public Lands Without a Trace,” talked to Neal Keller, Joe’s father. “For a lost person, the response is limited to five days on average. There needs to be a plan for applying resources for a little bit longer.”
The Keller family hired two private investigators whose efforts were fruitless.
Nearly a year later, Neal Keller was traveling back and forth from Tennessee to Conejos County, searching for his son every minute he could.
On July 6th, John Reinstra, 54, a former offensive lineman for the Pittsburgh Steelers, an endurance runner and search and rescue hobbyist, located Joe’s body in a boulder field below a cliff. His body 1.7 miles northwest of the ranch.
Rio Grande and Rainbow Trout area of Colorado. Courtesy Jon Billman Outside Online.
Soon after Joe’s disappearance, Gwaltney told Tennessee’s WTVC-TV , “We went running on a forestry road that was pretty well maintained,” he said. “It was gravel and pretty flat, with a few curves. But if you ran off the road, there were pretty steep places.”
Joe is found, and his family now has answers. He is no longer a missing person in a gray area of estimates with limited resources and minimal government attention.
Extensive searches failed to find him 1.7 miles away. The initial search didn’t last long enough.
Government doesn’t keep track of missing on federalland
Experts believe the public would be concerned and alarmed if they knew how many people simply vanish, never to be seen again, while visiting national parks.
According to the FBI National Crime Information Center, there are currently 86,190 active missing person cases in the United States.
The federal government does not track the number of missing persons in national parks, but experts believe about 1,600 individuals mysteriously vanish each year while visiting parks throughout the United States. While many reported missing are found, it is estimated hundreds remain missing.
Many are found, but many are never to be seen again, leaving families suffering the trauma of ambiguous loss – not knowing. Families who have experienced this say knowing your loved one is dead is easier than the “not knowing” what happened.
Written By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations
Penetration testing, intrusion testing and red teaming are some of the terms used for ethical hacking.
The word “hacking” almost always has negative connotations. It seems the mention of Chinese hacking, Russian hacking, or DNC hacking receives constant mention in our 24-hour news cycle.
Ethical hacking is also referred to as penetration testing, intrusion testing and red teaming, coined by the government during the 1970’s when they first hired ethical hackers to break into the United States government’s computer systems to test for vulnerabilities.
It is estimated “hackers” cost the United States more than $445 billion annually.
In a Fortune article “Data Breaches Now Cost $4 Million on Average,” according to IBM’s security division, the cost of a breach per incident has risen to $4 million, up 29% since 2013. “We’re now in a mode where these attacks are going to happen even to people that are well prepared,” said Caleb Barlow, a vice president at IBM Security.
Hackers cost the US government and corporations billions annually.
According to Fortune, hackers and cybercriminals cause most breaches, and more than half of data exposures are caused by malicious attacks; the rest are caused by mistakes or glitches.
Ethical hacking is a growing profession utilized by the United States government, technology companies and other institutions.
In the field, experts refer to three major types of hackers:
White Hats: Security professionals or “ethical hackers” who use their expertise to strengthen a network and secure it from criminals.
Black Hats: Malicious hackers or “crackers” who use their skills for malevolent purposes. White hats work to protect computer structures from the Black Hats.
Gray Hats:Iindividuals who become white or black hats depending upon the circumstances and generally proclaim being an ethical hacker.
Many large corporations, such as IBM, employ teams of ethical hackers to keep their IT systems secure.
Why Ethical Hacking is Important
With every breach reported in the media, the need for more effective information security is becoming increasingly evident.
New technologies such as cloud computing, IT outsourcing, and enterprises must adjust their security practices and policies to combat the threat of malicious hacking. To combat threats, ethical hacking is rapidly gaining attention as an essential security practice to be performed on a regular basis.
“The increased sophistication and success rate for recent cyber-attacks is directly related to the shift in the attacker profile, indicating that nation-states and large criminal organizations are funding well organized, highly motivated, and well-trained teams of programmers,” said Chris Rodriguez, Analyst for Frost and Sullivan. “The elevated threat landscape therefor, urgently dictates the need for a comprehensive, real-world assessment of an organization’s security posture,” said Rodriguez.
Ethical hacking provides objective analysis of an organization’s security stance for organizations of any size. Ethical hacking has become a mainstream service, as companies of all sizes pursue expert, objective, third -party analysis.
What is an Ethical Hacker?
Ethical hacking is an ambiguous term used to describe hacking performed by an individual or organization to help penetrate or gain access to identifying potential threats on a computer or a network infrastructure. In short, ethical hackers are simply computer programmers who use their skills in a constructive manner.
Ethical hackers can attempt to bypass security systems to isolate weak points malicious hackers could exploit. In the effort to eliminate or reduce potential criminal hacks, the information gained by the ethical hacker is then used by the company to make improvements to security.
Some may say there is no such thing as an “ethical” hacker. Simply “hacking is hacking” but the most notable hackers are known publicly as cybercriminals or computer criminals because of the damage they inflict on companies and individuals nationwide.
A highly publicized hacking incident where personal information is compromised can damage a company or organization for years.
A cybersecurity professional can have a range of expertise, anywhere from maintenance, administration, architecture, forensic investigation of secure networked systems that are increasingly necessary for the sake of operation of businesses, nonprofits, governments and medical, and educational institutions.
Even training is offered by the International Council for E-Commerce Consultants (EC-Council). The Certified Ethical Hacker (CEH) exam is made up of approximately 125 multiple choice questions and costs about $500 with additional IT certifications available. Training is entirely voluntary.
Ethics
For hacking to be ethical, a hacker must abide by the following informal rules:
Permission to access the network to identify potential security threats.
Respect individual’s right to privacy.
Treat all data, material, and findings as confidential.
Ethics play a vital role in hacking and differentiating innocent activities from computer crimes. Hacking is ethical if the skills are used to enhance a network system. But the issue of ethics can be very risky when one does not know a person’s motivations. With no formal code of ethics or code of honor, this void creates external forces to determine how to respond when ethical predicaments arise.
An ethical hacker will ensure the client’s IT system is properly evaluated for security issues and vulnerabilities, while protecting sensitive, personal and confidential or proprietary information. While accessing an organization’s system, the respected ethical hacker’s integrity will guide the actions of the ethical hacker.
Security Risks
While ethical hacking presents advantages to increase security to protect IT systems and assets, any organization implementing ethical hacking must consider any negative impacts that may arise from the practice.
An ethical hacker is typically contracted to hack the organization’s system. Hiring outside is usually preferred to start from scratch and simulate potential external hacks.
While there is an advantage of ethical hacking because it supports the organization’s efforts to gain more knowledge about the IT Security by identifying vulnerabilities, the main disadvantage is it presents risks of information disclosure. An outsider could intentionally or unintentionally disclose a company’s proprietary information to outside parties.
A dark side always is present where dishonest people will attempt to exploit others. Some risks of working with ethical hackers include:
The ethical hacker using their skills to conduct malicious hacking activities.
Massive security breaches.
Potential the ethical hacker will place malicious code, malware, viruses or other potentially damaging things on a computer system.
Allowing company’s financial, banking, or other proprietary information will be accessed.
Working with an Ethical Hacker
The benefits of working with an ethical hacker are obvious; however, many are overlooked, ranging from simply preventing malicious hacking to preventing national security breaches.
Before implementing any ethical hacking, an organization must ensure the ethical hacker understands the nature of the client’s business, computer or network system. This will help guide the ethical hacker in handling any sensitive confidential or proprietary information they may encounter.
The leadership in a company or organization must determine the sensitivity or confidentiality of the information involved. This will help ensure the ethical hacker does not violate laws, rules or regulations in handling sensitive personal, financial or proprietary information.
There are several guidelines to use when working with an ethical hacker:
An ethical hacker should create a plan including: identifying all networks and components they will test; detail testing intervals; detail testing process.
Require transparency while working with an ethical hacker, requiring all relevant information be reported while the system or network is being accessed. Transparency ensures the client to make immediate decisions and take necessary actions to maintain the security of the system or network.
Establish target areas with written work agreements requiring the ethical hacker not to work beyond those parameters to minimize exposure of sensitive information. The ethical hacker should not access other areas on the computer or networks not specified in the agreement.
Developing a non-disclosure agreement may be in order prior to contracting with an ethical hacker.
Legal Risks
There are legal risks to include lawsuits involving disclosure of personal and confidential information possibly leading to a legal battle involving the organization and the hacker if the work is not done properly. Also, if the hacker makes errors compromising the IT network or company security, it is possible to negatively impact the organization’s general operations and profitability.
With cyberspace growing exponentially over the last decade, complex legal issues have led to the birth of a highly specialized branch of law. Cyber Law or Internet Law pertains to Internet and computer technology related offenses, especially copyright infringement and fraud that involve computers, software, hardware, and information systems (IS).
The Information and Technology Act, 2000 (IT Act) covers all types of cyber-crime, including hacking as provided under sections 43 and 66 which covers negligence and computer-related offenses.
Cyber Law prevents or reduces large-scale damage from cybercriminal activities by protecting information access, communications, privacy and intellectual property.
Ethical hacking is rapidly gaining attention as an essential business practice. Regardless of risks, companies large and small benefit from the work of ethical hackers by protecting a company’s most valuable data and protecting their bottom line.
Written By: Kym Pasqualini, Feature Crime Writer for Lauth Investigations
When we think of a spy, given the national news cycle, it may conjure up thoughts of Russians or the Chinese who have been long known for hacking and espionage. However, even more common, but much less talked about, is the business mole, and almost every business in America is susceptible.
Every business sector is vulnerable to Corporate Espionage costing businesses billions of dollars per year.
April 10, 2011, Joseph Muto was hired to work for the top-rated “O’Reilly Factor” but within 3 days, he was discovered by Fox employees to be anonymously writing for Gawker. In the span of 72 hours, Muto wrote a series of articles detailing the internal workings of the network, along with stealing and selling raw video clips. In 2013, he pled guilty to two misdemeanor charges and was dubbed the “Fox Mole.” He was fined $1000 and sentenced to over 200 hours community service. At sentencing, he said he wished he had never betrayed his former employer.
United States industries spend more on research and development of unique products and processes than any other country in the world. The key to success is having an “edge” in the business world. Whether a media company, software developing company or bakery, keeping an edge is key.
When someone steals those “trade secrets”, it is called economic espionage and costs American businesses billions annually. Damages can severely destabilize the victim company to include lost revenue, lost employment, lost investments, interruption in production, damaged reputation, and can even result in a company going out of business.
Corporate espionage conducted by spies or moles believe computers are irrelevant. It is about what data they want, what form they take, and how they can steal it.
The Company Man
The Federal Bureau of Investigation (FBI) states no business, large or small, is immune to the threat of moles and/or spies. Any proprietary process, product, or idea can be a target.
To raise awareness, the FBI in collaboration with the National Counterintelligence and Security Center has launched a nationwide campaign and released a short film called “The Company Man: Protecting America’s Secrets,” based on a true story. Mr. Moore is both unappreciated and unhappy with his career as an engineer at a glass insulation and fire-retardant firm. He is targeted on LinkedIn by a competitor who offers him a position in a rival firm. At first, Moore declines because he signed a non-compete. He is then offered $200,000 to obtain plans for equipment and formula for the glass insulation produced at his firm, RIS.
The FBI states many things drive a person to betray the company where they work.
Moore makes the decision to go to his current boss who then contacts the FBI who initiates a sting. A true story, there was an arrest in the case. However, this may not be the decision every employee would make – which makes every employee a liability in a 400 billion, in the dark. underbelly of America’s global economy.
Spotting Insider Threats
What drives a mole? The FBI states company moles are often “overwhelmed by life-crisis or career disappointment” driving them to leak information.
With email, cell phones, and jump drives, stealing information is far easier than in the past. Greed and financial need, unhappiness at work, the promise of a better job, drug or alcohol abuse, and/or vulnerability to blackmail, can all be contributors, says the FBI.
The FBI says employees who leak trade secrets, such as plans, customer databases, etc. will exhibit behaviors other employees can often identify to help prevent breaches.
Your employees may be the first line of protection when combatting the insider threat.
Potential Indicators:
Drastic changes in behavior, demeanor, or work habits.
Unexplained affluence.
Financial hardship.
Substance abuse.
Attempts to circumvent security procedures.
Long hours at the office without authorization.
Taking home proprietary information.
Unnecessarily copying materials.
Using an unauthorized USB drive.
Unusual use of cell phone during business hours.
Asking inappropriate questions.
Suspicious relationships with competitors.
Leaving traps to detect searches of their office.
Based on FBI’s studies, additionally, there are more subtle things to look for:
Someone hired to steal company information will be experienced in the operation of a business and will be able to identify the value of your company’s trade secrets.
Corporate spies are everyone’s friend. To gain access to a company in order to steal information, a mole will be socially adept with the ability to manipulate people to gain their trust.
Individuals who are frequently wandering or talking in locations they do not need to be to complete their job. Someone who reflects a pattern will always have a reasonable excuse as to why they are not in the correct area or talking to specific employees.
Employees who keep trying to re-open decisions already settled and question advisability of decisions.
They act envious.
Vulnerabilities – Getting Access
Once inside, a mole has a lot of ways to access sensitive information. Spies can even work in pairs, possibly one as a consultant and the other an employee. When you have valuable information, never underestimate the methods others will use to gain access to it.
Spying can be as easy as photocopying papers found on unattended desks or at printers. Walking into an empty meeting room with a laptop and pulling data off the network.
A common ploy is pretending to be an employee. Another ploy often used, posing as IT personnel because it enables the individual to look legitimate while accessing network access points and sitting at someone’s computer. In other cases, spies have posed as cleaning staff, gaining access after-hours.
Criminals capitalize on the common assumption if you are in the building, you must be okay. Investing in your company’s staff to raise awareness is the best investment a company can make.
According to InfoWorld, Peter Wood, Chief of Operations at First Base Technologies, a U.K. based consultant firm performing ethical hacking services, “Spies are interested in anything from financial data to intellectual property and customer data. They might steal information for blackmail purposes, but the most common motive for physical intrusion is industrial espionage.”
Wood says the most common way to intrude upon a company is posing as an employee or a visitor, even creating convincing costumes to pose as a legitimate visitor such as telephone, electrical or maintenance person, a burglar alarm inspector, even someone from the fire department.
Protecting Your Trade Secrets
The FBI lists several ways to protect your workplace from insider threats.
Recognize the threat.
Identify and value trade secrets.
Implement a definable plan for safeguarding trade secrets.
Secure physical trade secrets and limit access to trade secrets.
Provide ongoing security training to employees.
Use protective tools such as screensavers with password controls.
Classify information and store accordingly.
Secure the workplace so visitors do not have access without security screening.
Encrypt data and require strong passwords for employees with liberal access rights.
Develop an insider threat program.
Proactively report suspicious incidents to the FBI before your proprietary information is irreversibly compromised.
Ask the FBI or other security professionals for additional awareness training.
At times, companies are hesitant to report such activity for fear they will risk their trade secrets being disclosed in court or compromised in any way. The FBI will do all it can to minimize business disruption, safeguard data and privacy, and will seek protective orders to preserve business confidentiality and sensitive information. The Department of Justice also has a variety of protections in place to ensure information is protected during a criminal prosecution.
By: Kym Pasqualini, Feature Writer for Lauth Investigations
Scandals can arise anywhere, especially in the workplace, and schools are especially vulnerable. Allegations of sexual misconduct, assault and other accusations violating workplace compliance and law, have severe civil and criminal liability.
We have all heard about sports-related and college scandals, and the newly and highly publicized accusations against Harvey Weinstein that seemingly were permitted to go on for years without anyone acting. These situations can create not only a media frenzy, social media ubiquity and significant liability within a company. How complaints are handled can affect an institution’s reputation for years.
Institutional leadership has a moral, ethical and legal obligation to protect students and employees.
Most importantly, it is the responsibility of an institution to protect their students and employees, and the leadership has a legal, moral and ethical obligation to do so.
An institution’s investigative process, in response to sexual assault or misconduct, needs to be geared toward determining what happened without having preconceived notions of the outcome. The process should be consistently applied, clearly documented, and show the steps followed in achieving the conclusion.
Maintaining a record of this process and the findings is critical to minimizing risk should there be a consequent lawsuit or investigation by an outside entity.
Title IX
President Richard M. Nixon signed Title IX Educational Amendments of 1972 as a comprehensive federal law prohibiting discrimination on the basis of sex in any federally funded education program or activity. In addition, protecting employees and students from sexual misconduct.
Sexual assault and misconduct investigations not meeting legal standards are increasingly resulting in very costly claims. Ensuring Title IX compliance is the best way to minimize risk.
In a 2011, “Dear Colleague” letter (DCL) was issued by the U.S. Department of Education’s Office for Civil Rights (OCR). According to the letter, investigations must be:
Prompt – The DCL defines the meaning of “prompt” as conducting an investigation within 60 days, acknowledging more complex cases may require more time.
Thorough – OCR mandates a case must be “thorough” and the investigation must be conducted in good faith. The employer must have legal grounds to believe the employee participated in misconduct before any disciplinary action is taken.
Courts expect a thorough and adequate investigation in all sexual assault and misconduct cases.
Courts do not focus on whether the employer made the right conclusion but instead, examine the determining process used to ensure the investigation was adequately thorough. For example, analyzing the type and number of interviews conducted, confidentially of the interviews, were they handwritten or recorded and how. The court also notes if the investigator asked non-leading, open-ended questions; encouraged witnesses to clarify or correct testimony; or challenged information provided by witnesses.
Small mistakes may not damage an investigation; however, a case could be considered inadequate simply on the pretense an individual lacked prior experience investigating sexual harassment cases or failed to adequately explore the allegations.
Impartial – It is necessary to remain impartial. For example, the person who made the complaint should not be a supervisor over the individual investigating the complaint. A qualified investigator should always be used to investigate sexual assault and harassment complaints, one who can remain objective and has no stake in the outcome of the case.
There are two recommended models of investigation to be conducted by a trained investigator understanding of the evidence needed to sustain or disprove allegations.
What Are The Numbers?
The Chronicle of Higher Education (CHE) tracks federal investigations of colleges for potential violations of the gender-equity law Title IX involving alleged sexual violence. According to CHE, as of January 10, 2018, there were 337 sexual violence cases under investigation at 243 postsecondary institutions.
A campus investigation differs from a police investigation; however, both can occur at the same time. It just depends on where the victim reports the assault. A victim may feel more comfortable going to campus police than law enforcement for fear they may be doubted or blamed, especially in cases of rape by an acquaintance. Though advocates fear victims being discouraged from coming forward, in several states, lawmakers are now proposing colleges be required to notify law enforcement.
Pre-Investigation
In this model, the investigator meets individually with both parties and witnesses prior to any hearing and provides the information to a panel or hearing official. The goal is to maximize the information obtained during the interview process by questioning parties and witnesses privately to minimize stress for the participants, while also protecting testimony.
Prior-Hearing Investigative Process
The other common model, the investigation is part of the hearing process where an official panel or hearing official questions witnesses, hears testimony, reviews documents and evidence, and makes a conclusion.
While this model may work well for some institutions, it tends to be viewed as adversarial and may affect the overall reliability of the case.
According to United Education’s EduRisk program, while it is the institution’s responsibility to investigate alleged sexual assaults or harassment, and decide if discipline is warranted, this model can inappropriately burden the parties to present their cases by identifying witnesses and evidence for school officials to consider. In addition, most school officials are not trained investigators or private detectives with experience working with such sensitive circumstances.
Proper Documentation
The institution has the responsibility to properly document its investigation of any sexual misconduct allegation to provide a reliable record of all evidence the findings are based. This is especially critical when an allegation may appear meritless on the surface.
Though courts do not favor one method of documenting interviews, ideally, in addition to a final report, an investigator should provide a summarization of evidence, assessment of credibility of witnesses interviewed, and contain only factual conclusions.
Policies and Procedures
Given the importance of sexual assault and other misconduct allegations, it is necessary to have the appropriate policy and procedures to demonstrate the institution’s commitment to the safety of its employees and students, help prevent avoidable crises and support an efficient and effective response.
It is vital to understand when an investigation is warranted, and the purpose of the investigations, to include planning and organizing.
Every institution or company should have policies in place specifically addressing suspected misconduct to help respond reasonably with guidance as to how staff should respond and recommended to utilize experts to help identify vulnerabilities that may exist in an institutions current policies and procedure.
What a Federal Investigation Entails
To most onlookers, the federal investigation process of an institution is opaque. The OCR informs a college it is under investigation and informs whether it is based upon a compliance review or complaint. When it is a complaint, typically, the complainant’s information is not made available.
Federal officials require a great deal of information, such as policies, training material, investigative reports, interviews, incident reports, hearing documents. They will visit the campus to meet with both students and employees as well.
Some OCR investigations can conclude quietly, with an “administrative closure,” “early complaint resolution,” or “insufficient evidence.” Other investigations can result is a letter of findings, not seen until the conclusion, along with a “negotiated resolution agreement” that details policies and procedures a college must change or adopt. To comply, these often require implementing or expanding training programs for faculty, students, and staff, along with modifying policy and procedure.
Investigations are getting tougher. The OCR will likely monitor the college’s progress for years to come.
The best way to avoid investigative, policy and procedure pitfalls is to respond appropriately the first time using a professional investigative agency or experienced private investigator.
Fair and Independent Investigations
Lauth Investigations Sexual Harassment Division is headed by founder Thomas Lauth who has extensive experience investigating sexual misconduct.
One thing has become abundantly clear, after watching the numerous news stories covering sexual assault and harassment, is remaining mindful of the sensitivities involved in such an investigation, making it necessary to address each client’s needs. In addition, a rapid response, both thorough and professional, is necessary so as not to cause more harm.
Sexual assault and other misconduct has serious psychological consequences on the victim. Lauth Investigations professionally conducts sensitive internal investigations related to sexual assault and misconduct with utmost integrity. Our private investigators take great care to develop facts, determine credibility, and reach findings with objectivity and independence, while also exercising discretion and sensitivity.
During an investigation, Lauth Investigations expert private investigators will interview the complainant and witnesses, examine relevant documents, obtain written statements, medical records, email and other communication. At conclusion, a confidential report is delivered to include finding and recommendations that adhere to court and panel oversight.
Title IX investigations differ from a law enforcement investigation, and critical in the initial phase to ensure evidence is preserved, whether it be physical evidence, video surveillance or other important aspects of a proper investigation. Lauth investigators will ensure the investigation is treated with utmost integrity so as not to compromise the investigation.
Our experts can also evaluate and provide recommendations of current policies and procedures to help strengthen the response to sexual assault and misconduct.
Amy and Steve both graduated from the University of Wyoming with degrees in exercise physiology. They had been married a little over a year.
An experienced hiker, David Miller, 22, was last seen at the Beaver Creek Ranger Station preparing to leave on a two-day hike on May 19, 1998, in the Red Rock/Secret Mountain Wilderness area.
Joe left shirtless, wearing only red running shorts, blue trail shoes, and his Ironman watch. At 4:30 p.m., the friends started out together, but Joe soon fell behind as he was the slower runner.
Some may say there is no such thing as an “ethical” hacker. Simply “hacking is hacking” but the most notable hackers are known publicly as cybercriminals or computer criminals because of the damage they inflict on companies and individuals nationwide.
The institution has the responsibility to properly document its investigation of any sexual misconduct allegation to provide a reliable record of all evidence the findings are based. This is especially critical when an allegation may appear meritless on the surface.
Thomas Lauth